Google slams proposed export controls on security tools

A proposed set of software export controls, including controls on selling hacking software outside the U.S., are “dangerously broad and vague,” Google said Monday.Google, commenting on rules proposed by the U.S. Department of Commerce (DOC), said the proposed export controls would hurt the security research community.A DOC Bureau of Industry and Security (BIS) proposal, published in May would require companies planning to export intrusion software, Internet surveillance systems and related technologies to obtain a license before doing so. Exports to Canada would be exempt from the licensing requirement.To read this article in full or to leave a comment, please click here

Google slams proposed export controls on security tools

A proposed set of software export controls, including controls on selling hacking software outside the U.S., are "dangerously broad and vague," Google said Monday.Google, commenting on rules proposed by the U.S. Department of Commerce (DOC), said the proposed export controls would hurt the security research community.A DOC Bureau of Industry and Security (BIS) proposal, published in May would require companies planning to export intrusion software, Internet surveillance systems and related technologies to obtain a license before doing so. Exports to Canada would be exempt from the licensing requirement.To read this article in full or to leave a comment, please click here

Report: Microsoft paying $320 million for cloud security provider Adallom

Microsoft is said to be paying $320 million to acquire Adallom, a cloud security provider whose services might help Microsoft in its new push toward becoming a “cloud-first” company.Adallom provides back-end security tools that gather usage data and detect suspicious activity. Its services are used by Netflix, SAP and Hewlett-Packard, according to the company’s website. The acquisition was reported Monday by the Calcalist financial newspaper.A spokesman for Adallom declined to comment, and Microsoft did not immediately respond to a request for comment.Adallom could help boost the defenses of Microsoft products including Office 365 and Yammer. Adallom’s tools can give businesses more granular control over who has access to Office 365, or identify anomalies in usage patterns for the cloud suite, according to Adallom’s website. An acquisition would bring those tools under Microsoft’s umbrella.To read this article in full or to leave a comment, please click here

Spy’s suicide adds to Hacking Team scandal in South Korea

A South Korean intelligence officer who used a controversial surveillance system from Italy’s Hacking Team was found dead over the weekend in an apparent suicide as controversy swirls in the country over use of the software.The officer, identified by local media only as Lim, was a 20-year cyber-security veteran of the country’s National Intelligence Service (NIS) and ran the department that used the software, according to reports.He was found dead on Saturday in a car south east of Seoul. Burnt coal was found in the car and an autopsy conducted a day after his death on Saturday found he died of asphyxiation, according to reports. Burning charcoal in a confined space is a relatively common method of committing suicide in South Korea and Japan.To read this article in full or to leave a comment, please click here

Next-generation endpoint protection not as easy as it sounds

Rather than looking for signatures of known malware as traditional anti-virus software does, next-generation endpoint protection platforms analyze processes, changes and connections in order to spot activity that indicates foul play and while that approach is better at catching zero-day exploits, issues remain.For instance, intelligence about what devices are doing can be gathered with or without client software. So businesses are faced with the choice of either going without a client and gathering less detailed threat information or collecting a wealth of detail but facing the deployment, management and updating issues that comes with installing agents.To read this article in full or to leave a comment, please click here

Microsoft issues critical out-of-band patch for flaw affecting all Windows versions

Happy Monday, IT folks. Ready to patch and then restart your machines? I hope so as Microsoft released an out-of-band patch for a remote, critical flaw in the way Windows Adobe Type Manager Library handles OpenType fonts; all supported versions of Windows are affected. It's being exploited in the wild and Microsoft admitted some of its customers could be attacked. It's not every day Microsoft releases an out-of-band patch, so when it does so instead of deploying the fix on Patch Tuesday, then it means patch now.This morning Microsoft Premier Support customers received notification that Microsoft would release an out-of-band patch for a critical remote code execution (RCE) vulnerability that affects all versions of Windows. There was no more information, other than that a reboot would be required after the patch was installed. Everyone else was notified when Microsoft made the out-of-band patch announcement at 10 am PST.To read this article in full or to leave a comment, please click here

Security suites: Choosing the best one for you

The old days of straightforward antivirus software packages are gone -- victim of a changing threat scene in which the dangers are more complex than ever and come from multiple sources. No longer are viruses and Trojans the only risks. Today you can also be victimized by phishing attacks, spyware, privacy invasions, social media scams and the possibility of losing your mobile device. To complicate matters even further, most of us commonly use multiple devices, frequently with different operating systems. I'm a perfect case of that: My computing arsenal includes a Windows desktop PC, a MacBook Air, two Windows-based Surface tablets, two iPads, an iPhone and a Google Nexus 7 Android tablet.To read this article in full or to leave a comment, please click here

Review: McAfee LiveSafe offers top Windows, Android protection

McAfee LiveSafe is the best product in McAfee's sizable security portfolio. Its suite offers protection for an unlimited number of Windows PCs, Macs and Android and iOS devices, along with a Web dashboard. There's 1TB of cloud-based storage as well. The whole thing is available for $60 per year.Windows McAfee gives you a solid complement of protection tools for your PC that includes virus and spyware protection, Web and email protection, and parental controls. Also included is a suite of not overly impressive tune-up tools. The interface is straightforward, with big icons representing each of its modules. I found the design to be clear and simple, letting me easily drill down to customize any feature. Modules include Virus and Spyware Protection, Web and Email Protection, Data Protection, PC and Home Network Tools, and Parental Controls. There are also icons that you can click to update the software or see the status of your subscription.To read this article in full or to leave a comment, please click here

Link Aggregation on HP Moonshot – A Neat Trick

The Broadcom switching OS running on HP's Moonshot 45G and 180G switches can do a neat trick1 that I haven't seen on other platforms.

Background: LACP-Individual
The trick revolves around interfaces that are sometimes aggregated, and sometimes run as individuals. Lots of platforms don't support this behavior. On those platforms, if an interface is configured to attempt aggregation but doesn't receive LACP PDUs, the interface won't forward traffic at all. Less broken platforms make this behavior configurable or have some goofy in-between mode which allows one member of the aggregation to forward traffic.

If the Moonshot were saddled with one of these broken2 switching OSes, we'd be in a real pickle: Moonshot cartridges (my m300s, anyway) require PXE in order to become operational, and PXE runs in the option ROM of an individual network interface. Even if that interface could form an one-member aggregation, it wouldn't be able to coordinate its operation with the other interface, and neither of their LACP speaker IDs would match the one chosen by the operating system that eventually gets loaded.

I suppose we could change the switch configuration: Add and remove individual interfaces from aggregations depending on the mode required by the Continue reading

Explaining the Pervasive Kludgeitis

I found a great explanation for hodgepodge of kludges found in "organically grown" solutions (legacy precursors to SD-WAN come to mind):

In a long-lived project, components are being replaced. Nice reusable components are easy to replace and so they are. Ugly non-reusable components are pain to replace and each replacement means both a considerable risk and considerable cost. Thus, more often then not, they are not replaced. As the years go by, reusable components pass away and only the hairy ones remain. In the end the project turns into a monolithic cluster of ugly components melted one into another.

Note: You really should read the whole blog post.

Cyberspies love exploits from Hacking Team leak

The leaked files from surveillance software maker Hacking Team have proven to be a great resource for cyberespionage groups, which have used at least two Flash Player exploits from the company’s arsenal.Last Tuesday, security researchers from security firm FireEye detected targeted attacks against organizations in Japan, with the attackers using an exploit for CVE-2015-5122, a Flash Player vulnerability patched by Adobe Systems that same day.The vulnerability was publicly known before that date because an exploit for it was found in the 400GB data cache recently leaked by a hacker from Milan-based Hacking Team.To read this article in full or to leave a comment, please click here

1 3,358 3,359 3,360 3,361 3,362 3,808